Please enable javascript to view this page in its intended format.

Queen's University
 

Help and Support

Phishing Samples

 

Note: The samples shown below are not intended as a definitive list of phishing emails in circulation at Queen's.

 

Sample 1

 

This first phishing sample was widely circulated at Queen's in the fall of 2010. It is notable for its poor spelling and grammar.

 

From: QUEEN'SU UNIVERSITY

Subject: QUEEN'SU UNIVERSITY

To: undisclosed recipients: ;

Reply-to: queenswebmailupgrade2010@gmail.com

 

Dear QUEEN'SU UNIVERSITY Webmail user,

We are currently verifying our subscribers email accounts in order to

increase the Efficiency of our webmail features. To partake in this

Recent Upgrade Taking Place at QUEEN'SU Webmail, You must Reply to this email by Confirming your account details below.

 

UserName:

Password:

Date Of Birth:

 

Failure to do this will immediately render your Web-email address

deactivated from our database.

Thanks for using QUEEN'SU webmail service.

QUEEN'SU Account upgrading.

 

QUEEN'SU UNIVERSITY, 2010

 

Sample 2

 

This second email started circulating at Queen's in early 2011. Note the use of Queen's-specific language (such as NetID, IT Support Centre, ITS Help Form) as well as Queen's official mailing address.

 

From:       IT Support Centre [helpdesk001@w.cn]
Subject:    IT Support Centre Notice/News.

This notice is to inform you that an ERROR have been detected in your NetID email account, this ERROR was caused by congestion and SPAM emails. You have been contacted in order for you to confirm your account and avoid losing it. Kindly confirm your account by sending the requested information below.

ITS Help Form

* NetID:-
* Password:-
* Phone Number:-

This notice is from IT Support Centre.


Sign,

Andy Nishimura

Queen's University
99 University Avenue
Kingston, Ontario
Canada K7L 3N6
© Queen's University

 

Sample 3

 

Finally, this third email is an example of "spear phishing", or an email that is targeted at a specific group of people. In this case, it emulates a real email that has been circulated by an ITServices staff member, except that the link to the password change tool has been altered to point to a non-Queen's URL, and the telephone number for the IT Support Centre has been altered by one digit.

 

This is a warning about a message sent to a number of people at Queen's with the subject "UPGRADE YOUR ACCOUNT".

Mail server logs indicate you may have received this message. It asks you to provide your password and other personal information via a web link. It is a hoax, attempting to steal your password. Do not reply to that message or follow any web links it contains; just delete it.

If you have already replied with your password  or gotten such mail, change your password immediately, using the ITServices password change at

http://www.jotform.com/queensu/10142820284

Do not send your password to anyone in response to an email notice. Do not assume the absence of a warning from ITServices means a request is valid.  Queen's University will never request your password by email.

If you are uncertain about the validity of a request for your password, please telephone the Queen's IT Support Centre at 613 523 6666.

rick pim
queen's its

Copyright Queen's University

Kingston, Ontario, Canada K7L 3N6 613.533.2000